more-arw search

Report: Enterprises Avoid IT Audits, Endanger Networks

A lack of internal reviews may be compromising the security of enterprise networks.

Global consulting firm Protiviti recently released its annual IT Audit Benchmarking Survey, revealing that a number of large enterprises are neglecting crucial internal assessments that could be putting their network and data in jeopardy.

According to the research, 42 percent of the 500 global IT professionals surveyed indicated that their firms do not have the resources to execute portions of their internal risk assessment practices. In addition to these findings, one in four enterprises with annual revenues up to $1 billion do not have any protocol in place for an IT audit.

"There are simply too many risks associated with the pervasive use of technology including social media and mobile devices and not enough focus on identifying and managing those risks," said Bob Hirth, Protiviti executive vice president. "We hope that our survey data and insights will inspire organizations to take a hard look at the effectiveness of their IT audit function."

Accountability seems to be a contributing factor in many cases, as 43 percent of respondents indicated that their companies lack an IT auditor or staff member with comparable responsibilities. For enterprises lacking the internal resources for thorough security assessments, partnering with third-party experts may help shore up network loopholes, experts agree.